Subject: | no mechanism for timing out DNS lookups |
It would be nice to be able to specify a timeout for doing DNS lookups
of, for instance, KDC IP addresses. Right now, the library just calls
getaddrinfo and takes however long getaddrinfo takes. When Kerberos
calls are done by a PAM module, this can result in login timeouts rather
than failover to local authentication.
Solving this problem will probably require using an asynchronous DNS
mechanism such as described in RT#1453.
of, for instance, KDC IP addresses. Right now, the library just calls
getaddrinfo and takes however long getaddrinfo takes. When Kerberos
calls are done by a PAM module, this can result in login timeouts rather
than failover to local authentication.
Solving this problem will probably require using an asynchronous DNS
mechanism such as described in RT#1453.